192.168.1.113 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n",
"unreachable": true
}
์ด ์ค๋ฅ๊ฐ ์์ต๋๋ค. Virtualbox์์ Debian Stretch์ ๊ฒ์คํธ manjaro๋ฅผ ์ฌ์ฉํฉ๋๋ค.
๊ฐ์ ๋ฌธ์ ์ ์ง๋ฉดํด ์์ต๋๋ค. ์ํ์.
๋ ๋ง์ ์ถ๋ ฅ์ ์ํด -vvvv
์ต์
์ ์ฌ์ฉํ์ฌ ๋์ผํ ๋ช
๋ น์ ์คํํ ์ ์์ต๋๊น? ์ ๋ฐ !
guru@tj-lp140:/etc/ansible$ ansible all -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/core/system/ping.py
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: None
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r 35.165.79.66 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /tmp/ansible-tmp-1482309322.49-151682117578429 `" && echo ansible-tmp-1482309322.49-151682117578429="` echo /tmp/ansible-tmp-1482309322.49-151682117578429 `" ) && sleep 0'"'"''
๊ฐ์ฌ ํด์.
๊ทํ์ ์ถ๋ ฅ์์ โโ๋๋ ๋น์ ์ด ์ง์ ๋ ansible_user ๊ฐ ์์์ ์ ์ ์์ต๋๋ค:
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: None
๊ณ ์์ด ์ธ๋ฒคํ ๋ฆฌ ํ์ผ์ ๋ด์ฉ๋ ํ์ํฉ๋๊น?
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers.
## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10
# Ex 2: A collection of hosts belonging to the 'webservers' group
[webservers]
35.165.79.66
# If you have multiple hosts following a pattern you can specify
# them like this:
## www[001:006].example.com
# Ex 3: A collection of database servers in the 'dbservers' group
## [dbservers]
##
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57
# Here's another example of host ranges, this time there are no
# leading 0s:
## db-[99:101]-node.example.com
ssh [email protected] ์ฐ๊ฒฐ์ด ์ค์ ๋ฉ๋๋ค. ๊ทธ๋ฌ๋ ๊ฐ๋ฅํ ๋ช ๋ น์ ์๋ฃํ ์ ์์ต๋๋ค.
์ข์,
๋ช
๋ น์ all
๋ฅผ ์ง์ ํ๋ฉด ๋๋ฒ๊ทธํ๊ธฐ๊ฐ ์ฝ๊ฐ ์ด๋ ต์ต๋๋ค.
hosts
ํ์ผ์ ๋ชจ๋ ํ์ ์ฃผ์์ ์ถ๊ฐํ์ญ์์ค.
[webserver]
35.165.79.66 ansible_user=ubuntu
๋ค์์ ์คํํ์ญ์์ค.
$: ansible webserver -m ping -vvv
๊ทธ๋ฆฌ๊ณ ์ถ๋ ฅ์ ๋ณด์ฌ์ฃผ์ธ์.
๋ฌธ์ ์ธ์ฌ
guru@tj-lp140:/etc/ansible$ ansible webservers -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/core/system/ping.py
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r 35.165.79.66 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494 `" && echo ansible-tmp-1482312980.96-238945640414494="` echo $HOME/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494 `" ) && sleep 0'"'"''
<35.165.79.66> PUT /tmp/tmpxll2kJ TO /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ping.py
<35.165.79.66> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r '[35.165.79.66]'
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r 35.165.79.66 '/bin/sh -c '"'"'chmod u+x /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ping.py && sleep 0'"'"''
<35.165.79.66> ESTABLISH SSH CONNECTION FOR USER: ubuntu
<35.165.79.66> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ubuntu -o ConnectTimeout=10 -o ControlPath=/home/guru/.ansible/cp/ansible-ssh-%h-%p-%r -tt 35.165.79.66 '/bin/sh -c '"'"'/usr/bin/python /home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/ping.py; rm -rf "/home/ubuntu/.ansible/tmp/ansible-tmp-1482312980.96-238945640414494/" > /dev/null 2>&1 && sleep 0'"'"''
35.165.79.66 | FAILED! => {
"changed": false,
"failed": true,
"invocation": {
"module_name": "ping"
},
"module_stderr": "Shared connection to 35.165.79.66 closed.\r\n",
"module_stdout": "/bin/sh: 1: /usr/bin/python: not found\r\n",
"msg": "MODULE FAILURE"
}
<192.168.1.113> ESTABLISH SSH CONNECTION FOR USER: fulgor
<192.168.1.113> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=fulgor -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r 192.168.1.113 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1482330370.75-42265180130710 `" && echo ansible-tmp-1482330370.75-42265180130710="` echo $HOME/.ansible/tmp/ansible-tmp-1482330370.75-42265180130710 `" ) && sleep 0'"'"''
192.168.1.113 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n",
"unreachable": true
}
ssh ํค๊ฐ ์ฌ์์ฑ๋๋๋ก ๊ฐ์ ์์์์ ์ด๋ฏธ์ง ๋์คํฌ๋ฅผ ๋ณ๊ฒฝํ์ง๋ง ์ด ์๊ฐ๋ถํฐ ์ค๋ฅ ๋ฉ์์ง๊ฐ ํ์๋ฉ๋๋ค.
๋น์ ์ด ๋๋ฅผ ๋์ธ ์ ?
๋ง์คํฐ ๋ ธ๋์์ ssh ํค๋ฅผ ์์ฑํฉ๋๋ค.
root<strong i="6">@master</strong>:~# ssh-keygen -t rsa -C "[email protected]"
๊ทธ๋ฐ ๋ค์ ssh-copy-id๋ฅผ ์ฌ์ฉํ์ฌ ๊ณต๊ฐ ํค๋ฅผ ์๋ฒ์ ๋ณต์ฌํฉ๋๋ค.
root<strong i="10">@master</strong>:~# ssh-copy-id [email protected]
root<strong i="11">@master</strong>:~# ssh-copy-id [email protected]
์ด ์น์ฌ์ดํธ https://valdhaus.co/writings/ansible-post-install/ ์์ ์ด ์ ๋ณด๋ฅผ ์ป์๊ณ ์๋ ์ค์ ๋๋ค.
@ guruprasad85 ์๊ฒฉ ์์คํ (35.165.79.66)์์ "python"์ด ๋๋ฝ๋ ๊ฒ ๊ฐ์ต๋๋ค.
"module_name": "ping"
},
"module_stderr": "Shared connection to 35.165.79.66 closed.\r\n",
"module_stdout": "/bin/sh: 1: /usr/bin/python: not found\r\n",
"msg": "MODULE FAILURE"
}
์๋
,
ํด๊ฒฐ์ฑ
์ ์ฐพ์์ต๋๋ค.
ami(ubuntu 16) OS๋ฅผ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ Python์ด ์ค์น๋์ด ์์ง ์์ผ๋ฏ๋ก ์ค์นํด์ผ ํฉ๋๋ค. ์๋ ๋ช
๋ น์ ์ฌ์ฉํ์ฌ python์ ์ค์นํ์ญ์์ค -
sudo apt-get install python-minimal -y
๋๋
ami(ubuntu 14) OS๋ฅผ ์ฌ์ฉํด์ผ ํฉ๋๋ค. ํ์ด์ฌ 2.7์ด ์์ต๋๋ค.
์ฐธ๊ณ : ์์คํ ์ ์๋ OS ๋ฒ์ ์ ํ์ธํ์ญ์์ค.
ํด๊ฒฐ์ฑ ์ ์ฐพ์ผ์ จ๋ค๋ ๋คํ์ ๋๋ค.
Ansible ์ ์ด ์์คํ
(UBUNTU 14.04 VM์ ์ค์น๋จ)์์ ์ผํธ OS ์ธ์คํด์ค๋ก ping์ ์๋ํ๊ณ ์์ต๋๋ค.
๋ ๋ค google ํด๋ผ์ฐ๋ ์ธ์คํด์ค์
๋๋ค(python์ด ์ค์น๋ ์ํ).
๋๋ ๊ทธ๋ค ์ฌ์ด์ ์ฐ๊ฒฐ ์ํ์ ๋ํด ํ์ ํ ์ ์์ต๋๋ค. ์๋์ ๊ฐ๋ฅํ all -m ping ๊ฒฐ๊ณผ์์ ๋ด SSH์ ๋ฌธ์ ๊ฐ ์์์ ์ ์ ์์ต๋๋ค.
35.185.191.25 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n",
"unreachable": true
# ansible all -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
META: ran handlers
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<127.0.0.1> ESTABLISH SSH CONNECTION FOR USER: None
<127.0.0.1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/21f0e6a9ae 127.0.0.1 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<35.185.191.25> ESTABLISH SSH CONNECTION FOR USER: gane
<35.185.191.25> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=gane -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4596e88996 35.185.191.25 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<127.0.0.1> (255, '', 'Permission denied (publickey).\r\n')
127.0.0.1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n",
"unreachable": true
}
<35.185.191.25> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n')
35.185.191.25 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n",
"unreachable": true
}
๋ด VM ๊ฐ์ ์ฐ๊ฒฐ์ ๋ฌ์ฑํ๋๋ก ์ ์ํ ์ ์์ต๋๊น?
@ganfotry ๊ฐ์ ๋ฌธ์ ๊ฐ
๋ VM ๋ชจ๋์์ ํค๋ฅผ ์์ฑํ ๋ค์ ํค๋ฅผ ๋ณต์ฌํ์ฌ ๋ฌธ์ ๋ฅผ ํด๊ฒฐํ์ต๋๋ค.
Authorized_keys ๋ด๋ถ์์ ๋ฐ๋์ ๊ฒฝ์ฐ๋ ๋ง์ฐฌ๊ฐ์ง์
๋๋ค.
๊ทธ๋ ์๋์ ๊ฐ์ ๋ต๋ณ์ ๋ฐ์์ต๋๋ค. :)
ansible -m ping all
127.0.0.1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
35.186.***.*** | SUCCESS => {
"changed": false,
"ping": "pong"
๊ฐ์ ๋ฌธ์ ๊ฐ ๋ฐ์ํ์ต๋๋ค.
$ ansible local -m ping
127.0.0.1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n",
"unreachable": true
}
๋ค์ ๋ช ๋ น์ ์ฌ์ฉํ์ฌ sshpass๋ฅผ ์ค์นํ์ฌ ๋ฌธ์ ๋ฅผ ํด๊ฒฐํ์ต๋๋ค.
sudo apt-get install sshpass
sshpass๋ฅผ ์ค์นํ ํ ๋ค์ ๋ช
๋ น์ ์คํํ์ต๋๋ค.
` json
ansible local -m ping --ask-pass
SSH password:
127.0.0.1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
๋์์ด ๋์๊ธฐ๋ฅผ ๋ฐ๋๋๋ค!!!
์ด๊ฒ์ ๋๋ฅผ ์ํด ์ผํ์ผ๋ฏ๋ก ๋น์ ์๊ฒ๋ ๋์์ด ๋ ์ ์์ต๋๋ค.
๊ฐ์ธ ํค๋ฅผ ํค์ฒด์ธ์ ๋ฑ๋กํด ๋ณด์ญ์์ค.
ssh-agent bash
ssh-add <path to private key>
์ด๊ฒ์ด ์๋ํ๋ฉด ~/.ssh/config ํ์ผ์ ํค๋ฅผ ์ถ๊ฐํ์ญ์์ค.
์๋
,
๊ฐ๋ฅํ ํ์ GUI ๋ชจ๋์์ ๋ช
๋ น์ ์คํํ๋ ๋์ ์๋ ์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค.
192.168.122.136 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.122.136' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,password).\r\n",
"unreachable": true
}
๊ทธ๋ฌ๋ ์๋ฒ์ CLI ๋ชจ๋์์ ๊ฒฐ๊ณผ๋ฅผ ์ป์ ์ ์์ต๋๋ค.
[root<strong i="10">@node2</strong> ~]# ansible -m ping testservers
openstack | SUCCESS => {
"changed": false,
"ping": "pong"
}
์๋๋ ์ค๋ช ๋ ์ถ๋ ฅ์ ๋๋ค.
[root<strong i="14">@node2</strong> ~]# ansible testservers -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
META: ran handlers
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 192.168.122.136 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<192.168.122.136> (0, '/root\n', '')
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 192.168.122.136 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696 `" && echo ansible-tmp-1497787246.45-142355876761696="` echo /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696 `" ) && sleep 0'"'"''
<192.168.122.136> (0, 'ansible-tmp-1497787246.45-142355876761696=/root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696\n', '')
<192.168.122.136> PUT /tmp/tmpkAYqIN TO /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py
<192.168.122.136> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 '[192.168.122.136]'
<192.168.122.136> (0, 'sftp> put /tmp/tmpkAYqIN /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py\n', '')
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 192.168.122.136 '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py && sleep 0'"'"''
<192.168.122.136> (0, '', '')
<192.168.122.136> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.122.136> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/859aa03053 -tt 192.168.122.136 '/bin/sh -c '"'"'/usr/bin/python /root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/ping.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1497787246.45-142355876761696/" > /dev/null 2>&1 && sleep 0'"'"''
<192.168.122.136> (0, '\r\n{"invocation": {"module_args": {"data": null}}, "changed": false, "ping": "pong"}\r\n', 'Shared connection to 192.168.122.136 closed.\r\n')
openstack | SUCCESS => {
"changed": false,
"invocation": {
"module_args": {
"data": null
}
},
"ping": "pong"
}
META: ran handlers
META: ran handlers
๊ฐ์ฌ ํด์
ํฐ๋ฏธ๋์ ์๋ฒ์ ์๋์ผ๋ก ์ก์ธ์ค๋ฅผ ์๋ํ๊ณ ์๊ฒฉ ์๋ฒ์ sshํ ์ ์์ผ๋ฉด ๋ก์ปฌ ์ฌ์ฉ์์ ํ ๋๋ ํ ๋ฆฌ์์ .ansible ๋๋ ํ ๋ฆฌ๋ฅผ ์ ๊ฑฐํ์ญ์์ค. ์ด๊ฒ์ ๋๋ฅผ ์ํด ์๋ํฉ๋๋ค. (์์ด)
๋๋ ๋ง์ฐฌ๊ฐ์ง์ผ!
-i ์ง์๋ฌธ์ ์ ๋ฌํ์ง ์๊ณ ํฐ๋ฏธ๋์ ํตํด ์๋ฒ๋ฅผ sshํ ์ ์์ต๋๋ค.
ssh [email protected]
๊ณต์ฅ
๋ช ๋ น ์คํ:
ansible all -m ping
์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค.
"msg": "Failed to connect to the host via ssh: Permission denied (publickey).\r\n",
"unreachable": true
@lkjangir ์ ๊ฑฐ .ansible ๋๋ ํ ๋ฆฌ๋ ์๋ํ์ง ์์์ต๋๋ค. =(
์ด๊ฒ์ ์๋ํ๊ณ ec2-user๋ฅผ ์ค์ ํ ์ฌ์ฉ์ ์ด๋ฆ์ผ๋ก ๋ฐ๊พธ์ญ์์ค.
ansible all -u ec2-user -m ping -vvv
@aelkz :์ / etc / ansible / hosts ํ์ผ์์, ๋น์ ์ ๋ฃ์ ์ ์์ต๋๋ค : [email protected]
๋์ server.com
๋ค์ ์๋ ansible all -m ping
.
๊ทธ๋ ์ง ์์ผ๋ฉด /etc/ansible/hosts์ user1์ ์ง์ ํ์ง ์์ ๊ฒฝ์ฐ ansible ๋ช
๋ น์ ์ฌ์ฉ์๋ฅผ ์ง์ ํด์ผ ํฉ๋๋ค. ansible all -m ping -u user1
๋๋ ๊ฐ์ ์ค๋ฅ๊ฐ ์์๊ณ ๊ทธ ์๋ฃจ์
์ผ๋ก ๋ด ๋ฌธ์ ๊ฐ ํด๊ฒฐ๋์์ต๋๋ค.
๋ด๊ฐ ํ๋ฆฌ์ง ์๋ค๋ฉด ์ด๊ฒ์ ssh ํค ๋ฌธ์ ๋๋ฌธ์ ๋๋ค. ์ ํค๋ฅผ ๊ฐฑ์ ํ๊ฑฐ๋ ์ค๋ฅ๋ฅผ ํผํ๊ธฐ ์ํด ํค๋ฅผ openssh ํ์์ผ๋ก ๋ณํํ์ญ์์ค.
--ask-pass๋ฅผ -u ๋งค๊ฐ๋ณ์์ ํจ๊ป ์ฌ์ฉํ๋ฉด ํจ๊ณผ์ ์ด์์ต๋๋ค.
@Hai-minhD ๊ทํ์ ์๋ฃจ์ ์ด ์ ์๊ฒ ํจ๊ณผ์ ์ด์์ต๋๋ค. ๊ฐ์ฌํฉ๋๋ค. ๋๋ ์ ์ด ์์คํ ์์ ์ฌ์ฉํ๋ ๋์ผํ ์ฌ์ฉ์์ ๋ฃจํธ ์ฌ์ฉ์๊ฐ ์๋ ํธ์คํธ์์ ํ ์คํธํ๊ณ ์์์ต๋๋ค. ์์์ ๋ณด๊ณ ๋ ์ค๋ฅ๊ฐ ๋ฐ์ํ ์ด ํน์ ํธ์คํธ์๋ ๋ค๋ฅธ ์ฌ์ฉ์๊ฐ ์์ต๋๋ค. Ansible ํธ์คํธ ํ์ผ: username@host์ ์ด ์ฌ์ฉ์ ์ด๋ฆ์ด ์๋ ํธ์คํธ๋ฅผ ์ถ๊ฐํ๋ ๋ฌธ์ ๋ฅผ ํด๊ฒฐํ์ต๋๋ค
๋ ธ๋ ฅํ๋ค-
์ค์๋ธ ์น์๋ฒ -m ping --ask-pass -i path_to_local_hosts_file
์ฌ๋ ์ด๋ธ์ python์ ์ค์นํ๋๋ฐ ์ ์๊ฒ ํจ๊ณผ์ ์ด์์ต๋๋ค.
๊ฐ์ ๋ฌธ์ ๊ฐ ์์ต๋๋ค.
์๋ฃจ์
์ ์ฐพ์์ต๋๋ค. /etc/ansible/hosts๋ฅผ ์ถ๊ฐํฉ๋๋ค.
ansible_ssh_user=
๋์์ด ๋์๊ธฐ๋ฅผ ๋ฐ๋๋๋ค.
์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค. ์ฌ๊ธฐ shivslave๋ IP๊ฐ 192.168.0.5์ธ Virtualbox์ ๋ ๋ค๋ฅธ VM์ด๋ฉฐ [email protected] ์ ์ฑ๊ณต์ ์ผ๋ก ์ฐ๊ฒฐํ ์ ์์ง๋ง Ansible ๋ช ๋ น์ด ์๋ํ์ง ์์ต๋๋ค. ํธ์คํธ ํ์ผ์๋ ๋ค์์ด ํฌํจ๋ฉ๋๋ค.
[์์]192.168.0.5
shivmaster@shivmaster-VirtualBox :~$ ๊ฐ๋ฅํ ์ -m ping -u shivslave -vvv
์ค์๋ธ 2.4.1.0
์ค์ ํ์ผ = /etc/ansible/ansible.cfg
๊ตฌ์ฑ๋ ๋ชจ๋ ๊ฒ์ ๊ฒฝ๋ก = [u'/home/shivmaster/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
์ค์๋ธ ํ์ด์ฌ ๋ชจ๋ ์์น = /usr/lib/python2.7/dist-packages/ansible
์คํ ์์น = /usr/bin/ansible
ํ์ด์ฌ ๋ฒ์ = 2.7.6(๊ธฐ๋ณธ๊ฐ, 2016๋
10์ 26์ผ, 20:30:19) [GCC 4.8.4]
/etc/ansible/ansible.cfg๋ฅผ ์ค์ ํ์ผ๋ก ์ฌ์ฉ
ini ํ๋ฌ๊ทธ์ธ์ผ๋ก /etc/ansible/hosts ์ธ๋ฒคํ ๋ฆฌ ์์ค ๊ตฌ๋ฌธ ๋ถ์
META: ํธ๋ค๋ฌ๋ฅผ ์คํํ์ต๋๋ค.
๋ชจ๋ ํ์ผ ์ฌ์ฉ /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<192.168.0.5> ์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : shivslave
<192.168.0.5> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ์ฌ์ฉ์=shivslave -o ConnectTimeout=10 -o ControlPath=/home/shivmaster/.ansible/cp/e51c1eb9be 192.168.0.5 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<192.168.0.5> (255, '', '๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐํค,๋น๋ฐ๋ฒํธ).\r\n')
192.168.0.5 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค, ์ํธ).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
shivmaster@shivmaster-VirtualBox :~$
@lktslionel
๋์ผํ ๋ฌธ์ ๊ฐ ๋ฐ์ํฉ๋๋ค. ์์์ ์ธ๊ธํ ๋ชจ๋ ์ต์
์ ์๋ํ์ต๋๋ค. ์ฌ๊ธฐ์์ ๋์์ฃผ์๊ฒ ์ต๋๊น?
์ค์๋ธ 2.4.2.0
์ค์ ํ์ผ = /etc/ansible/ansible.cfg
๊ตฌ์ฑ๋ ๋ชจ๋ ๊ฒ์ ๊ฒฝ๋ก = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
์ค์๋ธ ํ์ด์ฌ ๋ชจ๋ ์์น = /usr/lib/python2.7/dist-packages/ansible
์คํ ์์น = /usr/bin/ansible
ํ์ด์ฌ ๋ฒ์ = 2.7.12(๊ธฐ๋ณธ๊ฐ, 2017๋
11์ 20์ผ, 18:23:56) [GCC 5.4.0 20160609]
/etc/ansible/ansible.cfg๋ฅผ ์ค์ ํ์ผ๋ก ์ฌ์ฉ
ansible.cfg์์ deprecation_warnings=False๋ฅผ ์ค์ ํ์ฌ ๋นํ์ฑํํ ์ ์์ต๋๋ค.
์ธ๋ฒคํ ๋ฆฌ ํ๋ฌ๊ทธ์ธ ์ค์
ini ํ๋ฌ๊ทธ์ธ์ผ๋ก /etc/ansible/hosts ์ธ๋ฒคํ ๋ฆฌ ์์ค ๊ตฌ๋ฌธ ๋ถ์
/usr/lib/python2.7/dist-packages/ansible/plugins/callback/__init__.pyc์์ stdout v2.0 ์ ํ์ ์ต์ ์ฝ๋ฐฑ ํ๋ฌ๊ทธ์ธ ๋ก๋
META: ํธ๋ค๋ฌ๋ฅผ ์คํํ์ต๋๋ค.
๋ชจ๋ ํ์ผ ์ฌ์ฉ /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.py
<10.0.3.36> ์ฌ์ฉ์์ ๋ํ SSH ์ฐ๊ฒฐ ์ค์ : ๋ฃจํธ
<10.0.3.36> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi- keyex, hostbased, publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c8171a76d6 10.0.3.36 '/bin/sh -c '"'"'echo ~ && ์ ์ 0'"'"''
<10.0.3.36> (255, '', 'OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 2016๋
3์ 1์ผ\r\ndebug1: ๊ตฌ์ฑ ๋ฐ์ดํฐ ์ฝ๊ธฐ /etc/ssh/ssh_config\r\ndebug1: /etc/ ssh/ssh_config ํ 19: \r\ndebug1์ ๋ํ ์ต์
์ ์ฉ sh/id_dsa-cert ์ ํ -1\r\ndebug1: ID ํ์ผ /root/.ssh/id_ecdsa ์ ํ 3\r\ndebug1: key_load_public: ํด๋น ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ๊ฐ ์์ต๋๋ค.\r\ndebug1: ID ํ์ผ /root/.ssh/id_ecdsa -cert ์ ํ -1\r\ndebug1: key_load_public: ํด๋น ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ๊ฐ ์์ต๋๋ค.\r\ndebug1: ID ํ์ผ /root/.ssh/id_ed25519 ์ ํ -1\r\ndebug1: key_load_public: ํด๋น ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ๊ฐ ์์ต๋๋ค.\r\ndebug1 : ID ํ์ผ /root/.ssh/id_ed25519-cert ์ ํ -1\r\ndebug1: ํ๋กํ ์ฝ 2.0์ ๋ํ ํธํ์ฑ ๋ชจ๋ ํ์ฑํ\r\ndebug1: ๋ก์ปฌ ๋ฒ์ ๋ฌธ์์ด SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2\r\ndebug1 : ์๊ฒฉ ํ๋กํ ์ฝ ๋ฒ์ 2.0, ์๊ฒฉ ์ํํธ์จ์ด ๋ฒ์ OpenSSH_7.2p2 Ubuntu-4ubuntu2.2\r\ndebug1: ์ผ์น: OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 pat OpenSSH compat 0x04000000\r\ndebug2: fd 3 ์ค์ O_NONBLOCK\r\n 10.0.3.36:22์ \'root\'\r\ndebug3: hostkeys_foreach: ์ฝ๊ธฐ ํ์ผ "/root/.ssh/known_hosts"\r\ndebug3: record_hostkey: /root/.ssh/ ํ์ผ์์ ํค ์ ํ ECDSA๋ฅผ ์ฐพ์์ต๋๋ค. known_hosts:1\r\ndebug3: load_hostkeys: 10.0์์ 1๊ฐ์ ํค๋ฅผ ๋ก๋ํ์ต๋๋ค. .3.36\r\ndebug3: order_hostkeyalgs: hostkeyalgs ์ ํธ: [email protected],[email protected],ecdsa-sha2-nistp011@cert-v openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug3: ํจํท ์ ์ก: ์ ํ 20\r\ndebug1: SSH2_MSG_KEXINIT ์ ์ก\r\ndebug3: ํจํท ์์ : ์ ํ 20\r \ndebug1: SSH2_MSG_KEXINIT ์์ \r\ndebug2: ๋ก์ปฌ ํด๋ผ์ด์ธํธ KEXINIT ์ ์\r\ndebug2: KEX ์๊ณ ๋ฆฌ์ฆ: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp384,ecdh-sha2- hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c\r\ndebug2: ํธ์คํธ ํค ์๊ณ ๋ฆฌ์ฆ: ecdsa-sha2-nistp256-cert-v01@ openssh.com,[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp52 [email protected],[email protected],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug2: ์ํธ ctos : ์ฐจ์ฐจ20ํฌ [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,aes192-cbc,aes3des-cbc\, r\ndebug2: ์ํธ stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128- ,aes256-cbc,3des-cbc\r\ndebug2: MAC ctos: [email protected],[email protected],[email protected],hmac- [email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac- sha1\r\ndebug2: MAC ์คํก: [email protected],[email protected],[email protected],hmac-sha2-512-etm@openssh .com,[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: ์์ถ ctos: [email protected],zlib,none\r\ndebug2: ์์ถ stoc: [email protected],zlib,none\r\ndebug2: ์ธ์ด ctos: \r\ndebug2: ์ธ์ด stoc: \r\ndebug2: first_kex_follows 0 \r\n๋๋ฒ๊ทธ2: r eserved 0 \r\ndebug2: ํผ์ด ์๋ฒ KEXINIT ์ ์\r\ndebug2: KEX ์๊ณ ๋ฆฌ์ฆ: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman -exchange-sha256,diffie-hellman-group14-sha1\r\ndebug2: ํธ์คํธ ํค ์๊ณ ๋ฆฌ์ฆ: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519\r\ndebug2 : ์ํธ ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]\r\ndebug2: polychapherscha05 @openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]\r\ndebug2: MAC ctos: [email protected], [email protected],[email protected],[email protected],[email protected],umac-64@openssh. com,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MAC ์คํก: [email protected],umac-128-etm@openssh .com,[email protected],[email protected],[email protected],umac-64@open ssh.com,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: ์์ถ ctos: ์์,[email protected]\r\ndebug2: ์์ถ ์คํก: ์์,[email protected]\r\ndebug2: ์ธ์ด ctos: \r\ndebug2: ์ธ์ด stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: ์์ฝ๋ 0 \r\ndebug1: kex: ์๊ณ ๋ฆฌ์ฆ: curve25519-sha256@ libssh.org\r\ndebug1: kex: ํธ์คํธ ํค ์๊ณ ๋ฆฌ์ฆ: ecdsa-sha2-nistp256\r\ndebug1: kex: ์๋ฒ->ํด๋ผ์ด์ธํธ ์ํธ: [email protected] MAC:
10.0.3.36 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 2016๋
3์ 1์ผ\r\ndebug1: ๊ตฌ์ฑ ๋ฐ์ดํฐ ์ฝ๊ธฐ /etc/ssh/ssh_config\r\ndebug1: / etc/ssh/ssh_config ํ 19: \r\ndebug1์ ๋ํ ์ต์
์ ์ฉ bug1: ID ํ์ผ /root/.ssh/id_dsa-cert ์ ํ -1\r\ndebug1: ID ํ์ผ /root/.ssh/id_ecdsa ์ ํ 3\r\ndebug1: key_load_public: ํด๋น ํ์ผ ๋๋ ๋๋ ํฐ๋ฆฌ๊ฐ ์์ต๋๋ค.\r\ndebug1: ID ํ์ผ /root/.ssh/id_ecdsa-cert ์ ํ -1\r\ndebug1: key_load_public: ํด๋น ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ ์์\r\ndebug1: ID ํ์ผ /root/.ssh/id_ed25519 ์ ํ -1\r\ndebug1: key_load_public: ์๋์ ์ด๋ฌํ ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ\r\ndebug1: ID ํ์ผ /root/.ssh/id_ed25519-cert ์ ํ -1\r\ndebug1: ํ๋กํ ์ฝ 2.0์ ๋ํ ํธํ์ฑ ๋ชจ๋ ํ์ฑํ\r\ndebug1: ๋ก์ปฌ ๋ฒ์ ๋ฌธ์์ด SSH-2.0-OpenSSH_7.2p2 Ubuntu -4ubuntu2.2\r\ndebug1: ์๊ฒฉ ํ๋กํ ์ฝ ๋ฒ์ 2.0, ์๊ฒฉ ์ํํธ์จ์ด ๋ฒ์ OpenSSH_7.2p2 Ubuntu-4ubuntu2.2\r\ndebug1: ์ผ์น: OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 pat OpenSSH ํธํ 0x04000000\r\ndebug 3 ์ค์ O_NONBLOCK\r\ndebug1: 10.0.3.36:22์ '๋ฃจํธ'๋ก ์ธ์ฆ\r\ndebug3: hostkeys_foreach: ํ์ผ ์ฝ๊ธฐ \"/root/.ssh/known_hosts\"\r\ndebug3: record_hostkey: ํค ์ ํ ECDSA๋ฅผ ์ฐพ์์ต๋๋ค. ํ์ผ /root/.ssh/known_hosts:1\r\ndebug3: load_hostk eys: 10.0.3.36์์ ๋ก๋๋ ํค 1๊ฐ\r\ndebug3: order_hostkeyalgs: hostkeyalgs ์ ํธ: [email protected],[email protected],ecdsa-sha2 [email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug3: ํจํท ์ ์ก: ์ ํ 20\r\ndebug1: SSH2_MSG_KEXINIT ์ ์ก๋จ\r ํจํท ์์ : ์ ํ 20\r\ndebug1: SSH2_MSG_KEXINIT ์์ \r\ndebug2: ๋ก์ปฌ ํด๋ผ์ด์ธํธ KEXINIT ์ ์\r\ndebug2: KEX ์๊ณ ๋ฆฌ์ฆ: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp38 -sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c\r\ndebug2: ํธ์คํธ ํค ์๊ณ ๋ฆฌ์ฆ: ecdsa-sha2 [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp3 ,ecdsa-sha2-nistp521,[email protected],[email protected],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa \r\n๋๋ฒ๊ทธ 2: ์ํธ ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,cbcaes -cbc,3des-cbc\r\ndebug2: ์ํธ stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],aes256.gcm@openssh aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc\r\ndebug2: MAC ctos: [email protected],[email protected],hmac-sha2-256-etm @openssh.com,[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac -sha2-512,hmac-sha1\r\ndebug2: MAC ์คํก: [email protected],[email protected],[email protected],hmac- [email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac- sha1\r\ndebug2: ์์ถ ctos: [email protected],zlib,none\r\ndebug2: ์์ถ stoc: [email protected],zlib,none\r\ndebug2: ์ธ์ด ctos: \r\ndebug2: ์ธ์ด stoc : \r\ndebug2: ์ฒซ ๋ฒ์งธ _kex_follows 0 \r\ndebug2: ์์ฝ 0 \r\ndebug2: ํผ์ด ์๋ฒ KEXINIT ์ ์\r\ndebug2: KEX ์๊ณ ๋ฆฌ์ฆ: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,-ecd nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1\r\ndebug2: ํธ์คํธ ํค ์๊ณ ๋ฆฌ์ฆ: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256, ssh-ed25519\r\ndebug2: ์ํธ ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],aes256-gcm@r\sndebug2 : ์ํธ ์คํก: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]\r\ndebug2: MACs-ctos: [email protected],[email protected],[email protected],[email protected],[email protected] ,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: MAC ์คํก: [email protected], [email protected],[email protected],[email protected],hmac-sha1- [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: ์์ถ ctos: ์์,zlib@openssh .com\r\ndebug2: ์์ถ stoc: ์์,[email protected]\r\ndebug2: ์ธ์ด ctos: \r\ndebug2: ์ธ์ด stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: ์์ฝ๋ 0 \r\ ndebug1: kex: ์๊ณ ๋ฆฌ์ฆ: [email protected]\r\ndebug1: kex: ํธ์คํธ ํค ์๊ณ ๋ฆฌ์ฆ: ecdsa-sha2-nistp256\r\ndebug1: kex: ์๋ฒ->ํด๋ผ์ด์ธํธ ์ํธ: [email protected] MAC :
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
root@ip-172-31-31-140:~/.ssh#
๋๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์๊ณ ํ์ฌ ์ฌ์ฉ์ ์ด๋ฆ์ ์ฌ์ฉํ์ฌ ์ฐ๊ฒฐ์ ์๋ํ๋ฏ๋ก ๋ด ๋ฐฉ๋ฒ์ ์ฌ์ฉ์ ์ด๋ฆ์ ๋ฎ์ด์ฐ๋ ๊ฒ์ด์์ต๋๋ค. ์๋ฅผ ๋ค๋ฉด ๋ค์๊ณผ ๊ฐ์ต๋๋ค.
ansible all -m ping -u ec2-user
'ansible all -m ping'์ ์คํํ๋ ๋์ ๋ ๊ฐ์ง ์ค๋ฅ์ ์ง๋ฉดํ๊ณ ์ด ์ค๋ ๋์์ t-shoot๋ฅผ ๋ฐ๊ฒฌํ์ต๋๋ค. ์ด ๋ฌธ์ ๋ฅผ ์ดํดํ๋ ๋ฐ ๋์์ด ๋ ์๊ฒฌ์ ๊ฐ์ฌ๋๋ฆฝ๋๋ค.
:์ค๋ฅ-1:
์ด ๋ฉ์์ง๋ฅผ ์์ ํ๋ ๋จ๊ณ: "msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค, ์ํธ).\r\n"
1) ์ ์ ํ ์ฌ์ฉ์ ์ด๋ฆ 'ubuntu'๋ฅผ ํฌํจํ๋๋ก /etc/ansible/hosts์์ ์์ ๊ตฌ์ฑ ํ์ผ์ ์์ ํ์ต๋๋ค.
2) '--private-key=/Users/my-user/.ssh/my-key.pem' ์ธ์๋ฅผ ์ ๋ฌํ๋ฏ๋ก ๋ช
๋ น์ ๋ค์๊ณผ ๊ฐ์ต๋๋ค.
๋ชจ๋ ๊ฐ๋ฅ -m ping --private-key=/Users/my-user/.ssh/my-key.pem
์ด ๊ฐ์ด๋์์๋ ํค๋ฅผ ์ธ์๋ก ์ ๋ฌํ๋ ๋ฐฉ๋ฒ์ ๋ํด ์ค๋ช
ํ์ต๋๋ค.
https://ansible-tips-and-tricks.readthedocs.io/en/latest/ansible/commands/
:์ค๋ฅ 2:
"module_stdout": "/bin/sh: 1: /usr/bin/python: ์ฐพ์ ์ ์์\r\n",
์์ ํ๊ธฐ ์ํด 'sudo apt-get update; ์๊ฒฉ ํธ์คํธ์ sudo apt-get install python'. ec2 ์ธ์คํด์ค๋ฅผ ์ฌ์ฉํ๊ณ ์์ต๋๋ค. ์ฐธ๊ณ ๋ก ์์ ์คํฌ๋ฆฝํธ์ ์ผ๋ถ๋ก ์ค์น ๋ช
๋ น์ ์คํํ๋ฉด ๋ ๋ฒ์งธ ๋ฌธ์ ๋ฅผ ํด๊ฒฐํ๋ ๋ฐ ๋์์ด ๋ฉ๋๋ค.
๊ฑด๋ฐฐ!
Ubuntu 16.04 ์๋ฒ์ python์ด ์๋ ๊ฒ ๊ฐ์ต๋๋ค. ๋ชจ๋ ์๊ฒฉ ํธ์คํธ์ ์ค์นํ๋๋ฐ ๋ฌธ์ ๊ฐ ํด๊ฒฐ๋์์ต๋๋ค.
sudo apt-get install python-minimal -y
SSH๋ ํฐ๋ฏธ๋๊ณผ ์ฐ๊ฒฐ๋์ง๋ง vsts ๋ฐsible๊ณผ๋ ์ฐ๊ฒฐ๋์ง ์์ต๋๋ค. ์๋ฌด๋ ๋๋ฅผ ๋์ธ ์ ์์ต๋๊น?
* @10.130.2.142:22์ SSH ์ฐ๊ฒฐ์ ์ค์ ํ๋ ค๊ณ ํฉ๋๋ค.
2018-04-04T21:56:46.6533908Z
2018-04-04T21 : 56 : 46.6549162Z์ PLAY [๋ชจ๋ * * * * * * * * * * * * * * * * * * * * *
2018-04-04T21:56:46.6555625Z
2018-04-04T21:56:46.6603308Z
2018-04-04T21:56:46.6616154Z TASK [๋๋ ํ ๋ฆฌ ์์ฑ] * * * * * * * * * * * * * * * *
2018-04-04T21:56:46.6622522Z
2018-04-04T21:56:46.8874071Z ์คํจ: [10.130.2.206] (item=/home/ * /myagent/) => {"item": "/home/ * /myagent/", "msg": " ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n", "์ฐ๊ฒฐํ ์ ์์": true}
2018-04-04T21:56:46.8880968Z
2018-04-04T21:56:47.0341093Z ์คํจ: [10.130.2.206] (item=/home/ * /mywork/) => {"item": "/home/ * /mywork/", "msg": " ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n", "์ฐ๊ฒฐํ ์ ์์": true}
2018-04-04T21:56:47.0349137Z
2018-04-04T21:56:47.0363780Z ์น๋ช
์ : [10.130.2.206]: ๋๋ฌํ ์ ์์ต๋๋ค! => {"๋ณ๊ฒฝ๋จ": false, "msg": "๋ชจ๋ ํญ๋ชฉ ์๋ฃ๋จ", "๊ฒฐ๊ณผ": [{"_ansible_ignore_errors": null, "_ansible_item_result": true, "ํญ๋ชฉ": "/home/ * /myagent/" , "msg": "ssh๋ฅผ ํตํ ํธ์คํธ ์ฐ๊ฒฐ ์คํจ: ๊ถํ ๊ฑฐ๋ถ(๊ณต๊ฐ ํค).\r\n", "unreachable": true}, {"_ansible_ignore_errors": null, "_ansible_item_result": true, "item" : "/home/ * /mywork/", "msg": "ssh๋ฅผ ํตํ ํธ์คํธ ์ฐ๊ฒฐ ์คํจ: ๊ถํ ๊ฑฐ๋ถ๋จ(๊ณต๊ฐ ํค).\r\n", "unreachable": true}]}
2018-04-04T21:56:47.0371817Z
2018-04-04T21:56:47.0387681Z ์ฌ์๋, ์ฌ์ฉ: --limit @/tmp/Infrax/Agent_config.retry
2018-04-04T21:56:47.0397434Z
2018-04-04T21:56:47.0403265Z
2018-04-04T21 : 56 : 47.0415230Z์ ์ฌ์ RECAP * * * * * * * * * * * * * * * * * * * * *
2018-04-04T21:56:47.0421749Z
2018-04-04T21:56:47.0434107Z 10.130.2.206 : ํ์ธ=0 ๋ณ๊ฒฝ๋จ=0 ์ฐ๊ฒฐํ ์ ์์=1 ์คํจ=0
2018-04-04T21:56:47.0440861Z
2018-04-04T21:56:47.0446720Z
2018-04-04T21:56:47.0452765Z
2018-04-04T21:56:47.0850279Z ##[์ค๋ฅ]๋ช
๋ น ansible-playbook -i "10.130.2.206," /tmp/Infrax/Agent_config.yaml -b --become-user * ์ข
๋ฃ ์ฝ๋ 4.
2018-04-04T21:56:47.0948275Z ##[์น์
]๋ง๋ฌด๋ฆฌ: ํ๋ ์ด๋ถ ์คํ
๋ด๊ฐ ์ด๊ฒ์ ์ณค์ ๋ ๋๋ OSX์์ Ansible์ ์ฌ์ฉํ์ฌ pem ์ธ์ฆ์๊ฐ ์๋ aws ์์์ ์ฐ๊ฒฐํ์ต๋๋ค. ~/.ssh/config ํ์ผ์ด ์์ต๋๋ค. ๋ด๊ฐ ํ๋๋ฅผ ๋ง๋ค๊ณ ์ด๊ฒ ์ด์์ ์ถ๊ฐํ์ง ์์ผ๋ฉด :
์ฃผ์ต์ *
ID ํ์ผ ~/.ssh/id_rsa
AddKeysToAgent ์
๊ทธ๋ฐ ๋ค์ ๋๋ ๋ง์ ์ฒ๋ผ ํ๋ ์ด๋ถ์ ์คํํ ์ ์์์ต๋๋ค.
์ ์ด ์์คํ ์์ ๋ ธ๋๋ก ํ์ผ์ ๋ณต์ฌํ๋ ๋์ ์๋ ์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค.
๋ช
๋ น: sudo ansible dbservers -m copy -a "src=/etc/ansible/Taha ๋์=/etc/Taha"
์ค๋ฅ:
52.186.71.70 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
์์ ๋์ด๋ ๋ชจ๋ ๋จ๊ณ๋ฅผ ์๋ํ์ง๋ง ์ฌ์ ํ ์ฑ๊ณตํ์ง ๋ชปํ์ต๋๋ค....
์ธ๋ฒคํ ๋ฆฌ ํ์ผ๊ณผ ssh ํค๋ฅผ ์ฌ์ฉ์ ์ด๋ฆ์ผ๋ก ์ ๋ฌํด ๋ณด์ญ์์ค. ๋ ธ๋ ์ธ๋ฒคํ ๋ฆฌ์ ์ ์๋ ์ฌ์ฉ์๊ฐ ์์ผ๋ฏ๋ก ๋ช ๋ น์ผ๋ก ์ ๋ฌํ๋ฉด ํญ์ ์๋ํฉ๋๋ค. ๋ฐ๋ผ์ ๋ช ๋ น์ ๋ค์๊ณผ ๊ฐ์ต๋๋ค.
sudo ansible dbservers -m -i ์ธ๋ฒคํ ๋ฆฌ/์ธ๋ฒคํ ๋ฆฌ ํ์ผ --user=ubuntu --private-key="private-key.pem" ๋ณต์ฌ -a "src=/etc/ansible/Taha ๋์=/etc/Taha"
๋์์ ์ฃผ์ Lokesh์๊ฒ ๊ฐ์ฌ๋๋ฆฝ๋๋ค ...
๋๋ ๊ฐ๋ฅํ ๊ฒ์ ์ต์ํ์ง ์๊ธฐ ๋๋ฌธ์ ์ ์ด ์๋ฒ์์ pem ํ์ผ์ ์ด๋์ ์ ์ฅํ ์ ์๋์ง ์๊ณ ์ถ์ต๋๋ค. ์ธ๋ฒคํ ๋ฆฌ ํ์ผ์ ๋ณ๊ฒฝํด์ผ ํฉ๋๊น?
์๋
ํ์ธ์ ์ฌ๋ฌ๋ถ,
๋๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์๋ค.
๋ด devops ์ฌ์ฉ์๋ ๋ชจ๋ ์๋ฒ์ sshํ ์ ์์ง๋ง mysuer๋ฅผ ์ฌ์ฉํ์ฌ ๊ฐ๋ฅํ ๋ช
๋ น์ ์คํํ๋ ค๊ณ ํ ๋ ํญ์ ์ค๋ฅ๊ฐ ๋ฐ์ํ์ต๋๋ค... UNREACHABLE! ...
"mysuer" ssh serverDestiny(์ธ๋ฒคํ ๋ฆฌ ํ์ผ์ ์๋ ์๋ฒ)๋ฅผ ์ฌ์ฉํ์ฌ fqdn์ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ FQDN์ ssh๋ฅผ ๋ง๋ค์ด์ผ ํจ์ ์ฐธ๊ณ ํ์ฌ ํด๊ฒฐํ์ต๋๋ค.
์์:
๊ณ ์์ด ์ธ๋ฒคํ ๋ฆฌ
์๋ฒ1
[ myuser@workstation ansible-deploy-cr] ssh-keygen
[ myuser@workstation ansible-deploy-cr] ssh-copy-id -i devops@server1
ํ
์คํธ..
[ myuser@workstation ansible-deploy-cr ] ssh ' devops@server1
์ด๊ฒ์ด ๋์์ด ๋๊ธฐ๋ฅผ ๋ฐ๋๋๋ค.
๊ทธ๋ ๋ค๋ฉด ์ข์์ ๐
๊ฐ์ฌ ํด์,
์ ๋ธ๋ฆฌํ
10.20.2.42
๊ฐ๋ฅ ํด๋ผ์ด์ธํธ.com
[๋ฃจํธ @ansibleserver ~]# ansible all -m ping
10.20.2.42 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
๊ฐ๋ฅ ํด๋ผ์ด์ธํธ.com | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค, ์ํธ).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
[ root@ansibleserver ~]#
์ด ๋ฌธ์ ์ ๋ํด ์ ๋ฅผ ๋์์ฃผ์ธ์. ssh ํค๋ฅผ ๋ง๋ค์ด์ผ ํ๋ ๊ฒ ๊ฐ์ต๋๋ค. ๋จ๊ณ๋ณ ํ๋ก์ธ์ค๋ฅผ ๋ง๋๋ ๋ฐฉ๋ฒ์ ์ ๋ฌธ๊ฐ๊ฐ ์๋๋๋ค.
์น์ ํ๊ฒ ๋์์ฃผ์ธ์
์ด๊ฒ์ ssh ํค ์์ฑ์ ์๋ฒ์ ์ถ๊ฐํ๊ณ ๋์ผํ ํค๋ฅผ ํด๋ผ์ด์ธํธ์ ๋ณต์ฌํ์ฌ ์์ ๋ฉ๋๋ค.
๋ช ๋ น:
$ ssh-keygen -t rsa
์ํฐ๋ฅผ ์น๋ค
$ cd ๋ฃจํธ/
$ ๋ผ - ๋ผ
๋์ VM์ id_rsa.pub ๋ณต์ฌ
$ssh-copy-id ๋์ VM
ssh-copy-id -i user@localhost
ssh-copy-id -i user@servers_in_inventory
์๋ํ๋ ๊ฒ ๊ฐ๋ค
์ด URL์ ์ด ์ค๋ฅ์ ๋ํ Google ์กฐํ์ 1์์ด๋ฏ๋ก ์ด "๋ฌธ์ "๊ฐ ํด๊ฒฐ๋ ๋์์๋ ์ฌ๋๋ค์ ๊ฐ๊น์ด ์ฅ๋์ ์ด ์ค๋ฅ๋ฅผ ๊ณ์ ์กฐํํ ๊ฒ์
๋๋ค. ๋ค์์ python3
, ansible 2.5
(๋ ๋ค virutualenv์์ PIP ๋ฒ์ ์) ๋ฐ OSX High Sierra์ ๋ํด ์์ ํ ๋ฐฉ๋ฒ์
๋๋ค.
๋ด ์๋๋ฆฌ์ค์ ๋ํ ๋ด '์์ '๋ณด๊ณ . ๋ฌ๋ฆฌ๊ธฐ:
$ python3 $(๊ฐ๋ฅ) localhost -m ping -vvvv
์ด ์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค. -vvvv๋ ํค/์ธ์ฆ ์คํจ์์ ๋ํ๋
๋๋ค. ์์ฒญ๋. ๋จ์ํ [email protected]
๋ฅผ ์ํํ์ฌ Ansible์ ์ด๋ก๋ถํฐ ๋ถ๋ฆฌํ ์ ์์ต๋๋ค. ์ ์๊ฒ๋ ์คํจํ์ต๋๋ค(SSH ํค๋ก ๋ก๊ทธ์ธ ์คํจ๋ฅผ ์คํจ๋ก ๊ฐ์ฃผํ๊ณ ์์ต๋๋ค).
์ฌ์ด ์์ : at ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
๋๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์๊ณ ์ค์ค๋ก ํด๊ฒฐ์ฑ
์ ์ป์์ต๋๋ค. ๋์๊ฒ ๋ฌด์จ ์ผ์ด ์ผ์ด๋๊ณ ์๋์ง ๋งํ ๊ฒ์
๋๋ค.
๋์ผํ ์ค๋ฅ๊ฐ ๋ฐ์ํ๊ณ ๋์ผํ proyect ํด๋์์ cz๋ฅผ ํด๊ฒฐํฉ๋๋ค. ํธ์คํธ ํ์ผ์ด ์๊ณ ์ด๋ค ์ด์ ๋ก rm -r ํธ์คํธ๋ฅผ ์ฌ์ฉํ์ฌ ์ค๋ฅ๊ฐ ๋ฐ์ํ์ฌ ํด๊ฒฐํ์ต๋๋ค.
๋์ ๊ฐ์ ๋ฌธ์ ๊ฐ ์๋ ๊ฒฝ์ฐ ์๋ ค๋๋ฆฝ๋๋ค.
ํดํผ ํฌ๋ฆฌ์ค๋ง์ค X), xoxo.
์ธ๋ฒคํ ๋ฆฌ ํ์ผ์ ํธ์งํ ๋๊น์ง ๋์ผํ ๋ฌธ์ ๊ฐ ์์์ต๋๋ค.
[testserver]
<target_ip> ansible_user=<target_domain_name> ansible_ssh_pass=<target_pass>
๊ทธ๋ฐ ๋ค์ ํ
์คํธํ๋ ค๋ฉด:
ansible testserver -m ping
ubuntu@ip-172-31-1-85 :/etc/ansible$ sudo ansible-playbook tomserver.yml
PLAY [์น ์๋ฒ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * **
TASK [์์ง ์ฌ์ค * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
์น๋ช
์ : [54.153.119.230]: ๋๋ฌํ ์ ์์ต๋๋ค! => {"changed": false, "msg": "ssh๋ฅผ ํตํ ํธ์คํธ ์ฐ๊ฒฐ ์คํจ: ํด๋น ID ์์: /root/UbuntuAnsible.pem: ํด๋น ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ ์์\r\n๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r \n", "์ฐ๊ฒฐํ ์ ์์": true}
์ฌ์๋ํ๋ ค๋ฉด --limit @/etc/ansible/tomserver.retry๋ฅผ ์ฌ์ฉํ์ญ์์ค.
๋์์ฃผ์ธ์
๋จ์ํ ์ฐ๊ฒฐํ๋ ค๊ณ ํฉ๋๊น? ํธ์คํธ ํ์ผ์ ์ด๋ป๊ฒ ์๊ฒผ์ต๋๊น?
2018๋
9์ 12์ผ ์์์ผ, FALCON-SJSU [email protected]
์ผ๋ค:
์น๋ช ์ : [54.153.119.230]: ๋๋ฌํ ์ ์์ต๋๋ค! => {"๋ณ๊ฒฝ๋จ": false, "msg": "์คํจ
ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ๋ ค๋ฉด: ํด๋น ID ์์: /root/UbuntuAnsible.pem:
ํด๋น ํ์ผ ๋๋ ๋๋ ํ ๋ฆฌ๊ฐ ์์ต๋๋ค.\r\n๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n",
"์ฐ๊ฒฐํ ์ ์์": true}
์ฌ์๋ํ๋ ค๋ฉด --limit @/etc/ansible/tomserver.retry๋ฅผ ์ฌ์ฉํ์ญ์์ค.๋์์ฃผ์ธ์
โ
๋น์ ์ด ๋๊ธ์ ๋ฌ์๊ธฐ ๋๋ฌธ์ ์ด๊ฒ์ ๋ฐ๋ ๊ฒ์ ๋๋ค.
์ด ์ด๋ฉ์ผ์ ์ง์ ๋ต์ฅํ๊ณ GitHub์์ ํ์ธํ์ธ์.
https://github.com/ansible/ansible/issues/19584#issuecomment-420827308 ,
๋๋ ์ค๋ ๋ ์์๊ฑฐ
https://github.com/notifications/unsubscribe-auth/An-8H0G3NUSkpFXpcm2hkAXXGco3eMmyks5uaZO0gaJpZM4LSWpz
.
ํด๊ฒฐ์ฑ
์ ์ฐพ์์ต๋๋ค.
๋ด ์ด์ ์ฒด์ ๋ Mac OS์์ผ๋ฉฐ 'remote_user = root ' ์ค์์ 'ansible.cfg'๋ฅผ ๋ณ๊ฒฝํ๋ฉด ๋ฌธ์ ๊ฐ ํด๊ฒฐ๋์์ต๋๋ค.
์! ๋๋ ๊ฐ์ ์ผ์ํด์ผํ๋ค! ํด๊ฒฐํ์ จ๋ค๋ ๋คํ์ ๋๋ค!
2018๋
9์ 18์ผ ํ์์ผ ์ค์ 4:09 ZhangZhongyuan [email protected]
์ผ๋ค:
ํด๊ฒฐ์ฑ ์ ์ฐพ์์ต๋๋ค.
๋ด ์ด์ ์ฒด์ ๋ Mac OS์ด๊ณ 'ansible.cfg'๋ฅผ ๋ณ๊ฒฝํฉ๋๋ค.
์ค 'remote_user = root ' , ๋ฌธ์ ๊ฐ ํด๊ฒฐ๋์์ต๋๋ค.โ
๋น์ ์ด ๋๊ธ์ ๋ฌ์๊ธฐ ๋๋ฌธ์ ์ด๊ฒ์ ๋ฐ๋ ๊ฒ์ ๋๋ค.
์ด ์ด๋ฉ์ผ์ ์ง์ ๋ต์ฅํ๊ณ GitHub์์ ํ์ธํ์ธ์.
https://github.com/ansible/ansible/issues/19584#issuecomment-422297005 ,
๋๋ ์ค๋ ๋ ์์๊ฑฐ
https://github.com/notifications/unsubscribe-auth/An-8H0zGJ4zE4mKmaMtXDAtInZNDlrW4ks5ucKpCgaJpZM4LSWpz
.
๋ค์ ํ๋๊ทธ๋ก ํ๋ ์ด๋ถ์ ์คํํ์ต๋๋ค.
sible-playbook playbook.yml --ask-pass - ๋์์ด ๋์์ต๋๋ค.
ํธ์คํธ์์ ๋น์ ์ ๋ํ ํ ์ ์์ต๋๋ค.
๋์์ ip ์์ ์์ต๋๋ค. ์ด๋ฅผ ํตํด
์ถ๊ฐ ์ํธ ํ๋กฌํํธ.
2018๋ 10์ 2์ผ ํ์์ผ ์ค์ 11:15 jluntnscc [email protected]์์ ๋ค์๊ณผ ๊ฐ์ด ์์ฑํ์ต๋๋ค.
๋ค์ ํ๋๊ทธ๋ก ํ๋ ์ด๋ถ์ ์คํํ์ต๋๋ค.
sible-playbook playbook.yml --ask-pass - ๋์์ด ๋์์ต๋๋ค.
โ
๋น์ ์ด ๋๊ธ์ ๋ฌ์๊ธฐ ๋๋ฌธ์ ์ด๊ฒ์ ๋ฐ๋ ๊ฒ์ ๋๋ค.
์ด ์ด๋ฉ์ผ์ ์ง์ ๋ต์ฅํ๊ณ GitHub์์ ํ์ธํ์ธ์.
https://github.com/ansible/ansible/issues/19584#issuecomment-426312089 ,
๋๋ ์ค๋ ๋ ์์๊ฑฐ
https://github.com/notifications/unsubscribe-auth/An-8HzRVj8-BqcUiQywgQYKIVbcr4yzdks5ug4MEgaJpZM4LSWpz
.
์ด ์๋
๊ฐ๋ฅํ ๋ชจ๋ -m ํ
๊ฐ๋ฅํ all -u raj -m ping
๋๋
๊ฐ๋ฅํ ๋ฐ๋ชจ ์๋ฒ -u raj -m ping
๋๋
๊ฐ๋ฅ -m ping all -u raj --ask-pass
๋๋ ์ด ๋งํฌ๋ฅผ ๋ฐ๋ผ๊ฐ๋ฉด ์ถ๊ฐ ์ ๋ณด๋ฅผ ์ป์ ์ ์์ต๋๋ค.
https://www.itzgeek.com/how-tos/linux/ubuntu-how-tos/install-ansible-automation-tool-for-it-management-on-centos-7-ubuntu-14-04-fedora- 22-ํํธ-1.html
๋๋ฅผ ์ํด ์ผํ ๊ฒ์ ssh ํค์ ๋ํ ๊ฒฝ๋ก๋ฅผ ๊ฐ๋๋ก ํธ์คํธ ํ์ผ์ ์ ๋ฐ์ดํธํ๋ ๊ฒ์ด ์์ต๋๋ค.
[webserver]
IP_ADDRESS ansible_user=ubuntu ansible_connection=ssh ansible_private_key_file=~/.ssh/key.pem
์ข์ ์๋ฃจ์ ์ ๋๋ค. ์ด๊ฒ์ ์ฌ๋ฌ ๋์์ ์ฒ๋ฆฌํฉ๋๋ค!
2018๋ 10์ 29์ผ ์์์ผ ์คํ 4์ 2๋ถ fhackenb [email protected]์์ ๋ค์๊ณผ ๊ฐ์ด ์์ฑํ์ต๋๋ค.
๋๋ฅผ ์ํด ์ผํ ๊ฒ์ ssh์ ๋ํ ๊ฒฝ๋ก๋ฅผ ๊ฐ๋๋ก ํธ์คํธ ํ์ผ์ ์ ๋ฐ์ดํธํ๋ ๊ฒ์ด ์์ต๋๋ค.
์ด์ :[์น ์๋ฒ]
IP_ADDRESS ansible_user=์ฐ๋ถํฌ ansible_connection=ssh ansible_private_key_file=~/.ssh/key.pemโ
๋น์ ์ด ๋๊ธ์ ๋ฌ์๊ธฐ ๋๋ฌธ์ ์ด๊ฒ์ ๋ฐ๋ ๊ฒ์ ๋๋ค.
์ด ์ด๋ฉ์ผ์ ์ง์ ๋ต์ฅํ๊ณ GitHub์์ ํ์ธํ์ธ์.
https://github.com/ansible/ansible/issues/19584#issuecomment-434057611 ,
๋๋ ์ค๋ ๋ ์์๊ฑฐ
https://github.com/notifications/unsubscribe-auth/An-8HzLY4PQVaWdPDOH0bHGnh9xpzmDWks5up17AgaJpZM4LSWpz
.
@riteshpuj2013 ์๋ฃจ์ ํ์ ์ ์๋ํฉ๋๋ค.
ansible-playbook test.yml --ask-pass
์ด ๋ฌธ์ ๊ฐ ๋ฐ์ํฉ๋๋ค. ์งํ ๋ฐฉ๋ฒ์ ์ ๋ชจ๋ฅด๊ฒ ์ต๋๋ค.
ํ์ด@10.8.0.142 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "์ธ์ฆ ๋๋ ๊ถํ ์คํจ์
๋๋ค. ์ด๋ค ๊ฒฝ์ฐ์๋ ์ธ์ฆํ ์ ์์์ง๋ง ๋์ ๋๋ ํ ๋ฆฌ์ ๋ํ ๊ถํ์ด ์์์ ์ ์์ต๋๋ค. asible.cfg์ ์๊ฒฉ tmp ๊ฒฝ๋ก๋ฅผ \"/tmp์ ๋ฃจํธ๋ฅผ ๋ ๊ฒฝ๋ก๋ก ๋ณ๊ฒฝํ๋ ๊ฒ์ ๊ณ ๋ คํ์ญ์์ค. \". ์คํจํ ๋ช
๋ น: ( umask 77 && mkdir -p \" echo /tmp/.ansible/tmp/ansible-tmp-1543139945.24-52208136278646
\" && echo ansible-tmp-1543139945.24-52208136278646=\" echo /tmp/.ansible/tmp/ansible-tmp-1543139945.24-52208136278646
\" ), ๊ฒฐ๊ณผ 1๊ณผ ํจ๊ป ์ข
๋ฃ๋จ ",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
๊ฐ๋ฅํ ํ๋ ์ด๋ถ์ ์คํํ ์ ์์ง๋ง ๊ฐ๋ฅํ ํ์๋ก ๋์ผํ ํ๋ ์ด๋ถ์ ์คํํ๋ ๋์ ์ค๋ฅ๊ฐ ๋ฐ์ํจ
<192.168.0.17> ์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : admin
<192.168.0.17> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/tmp/awx_86_9cdeKb/cp/86796477d7 192.168.0.17 '/bin/sh -c '"'"'echo ~admin && sleep 0'"'" ''
<192.168.0.17> (255, '', "๊ฒฝ๊ณ : ์๋ ค์ง ํธ์คํธ ๋ชฉ๋ก์ '192.168.0.17'(ECDSA)์ด ์๊ตฌ์ ์ผ๋ก ์ถ๊ฐ๋์์ต๋๋ค.\r\n๊ถํ ๊ฑฐ๋ถ๋จ(publickey,gssapi-keyex,gssapi-with-mic,password ).\r\n")
์น๋ช
์ : [192.168.0.17]: ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํ ํธ์คํธ ์ฐ๊ฒฐ ์คํจ: ๊ฒฝ๊ณ : ์๋ ค์ง ํธ์คํธ ๋ชฉ๋ก์ '192.168.0.17'(ECDSA)์ด ์๊ตฌ์ ์ผ๋ก ์ถ๊ฐ๋์์ต๋๋ค.\r\n๊ถํ ๊ฑฐ๋ถ๋จ(publickey,gssapi-keyex,gssapi-with-mic ,๋น๋ฐ๋ฒํธ).\r\n","์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
์ด ๋ฌธ์ ๊ฐ ๋ฐ์ํฉ๋๋ค. ํด๊ฒฐ ๋ฐฉ๋ฒ์ ์๋ ค์ฃผ์ธ์.
์ฐ๋ถํฌ @master : ~ $ ansible - ๊ฐ๋ณธ playbook2.yml -b PLAY [172.31.42.20] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * TASK [ํฉํธ ์์ง] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
์น๋ช
์ : [172.31.42.20]: ๋๋ฌํ ์ ์์ต๋๋ค! => {"changed": false, "msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(publickey,password).\r\n", "unreachable": true}
์ฌ ์๋์ ์ฌ์ฉ : --limit @ / ํ / ์ฐ๋ถํฌ / playbook2.retry์ ์ฌ์ RECAP * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
์ด ๋ฌธ์ ๊ฐ ๋ฐ์ํฉ๋๋ค. ํด๊ฒฐ ๋ฐฉ๋ฒ์ ์๋ ค์ฃผ์ธ์.
์ฐ๋ถํฌ @ ๋ง์คํฐ : ~ $ ansible - ๊ฐ๋ณธ playbook2.yml -b PLAY [172.31.42.20] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * TASK [ํฉํธ ์์ง] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
์น๋ช ์ : [172.31.42.20]: ๋๋ฌํ ์ ์์ต๋๋ค! => {"changed": false, "msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(publickey,password).\r\n", "unreachable": true}
์ฌ ์๋์ ์ฌ์ฉ : --limit @ / ํ / ์ฐ๋ถํฌ / playbook2.retry์ ์ฌ์ RECAP * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
172.31.42.20 : ํ์ธ=0 ๋ณ๊ฒฝ๋จ=0 ์ฐ๊ฒฐํ ์ ์์=1 ์คํจ=0
์ฐ๋ฆฌ๊ฐ ๊ฐ์ง๊ณ ์๋ ๋ ๊ฐ์ง ์๋ฃจ์ : -
password less auth (you can refer google how to generate rsa key )
add ask_pass=true in ancible.cfg file. (This will ask password when you run ansible)
ํธ์คํธ ์์คํ
์ ๋ํ SSH ์ฐ๊ฒฐ์ ์ค์ ํ๊ณ ํ
์คํธํ์ญ์์ค.
์๋ฃ๋๋ฉด /etc/ansible/hosts ํ์ผ์์ ์ ์ ํ ํธ์คํธ IP๋ฅผ ์ ๊ณตํฉ๋๋ค.
์ด์ ๊ฐ๋ฅํ ์ปดํจํฐ์ ๊ฒ์คํธ ์ปดํจํฐ ๊ฐ์ ๋ณด์ ์ฐ๊ฒฐ์ ํ
์คํธํ๋ ค๋ฉด ์๋ ๋ช
๋ น์ ์ฌ์ฉํ์ญ์์ค.
-> ๊ฐ๋ฅ -i ํธ์คํธ -u ๋ฐฉ๋์ --ask-pass -m ๋ชจ๋ ํ
ํธ์คํธ-> ํธ์คํธ ํ์ผ(์ ์ ํ ๊ฒ์คํธ IP ์ ๊ณต)
-u vagrant -> vagrant๋ ๋ด ๊ฒ์คํธ ์ปดํจํฐ ์ฌ์ฉ์ ์ด๋ฆ์
๋๋ค.
--ask-pass-> ๊ฒ์คํธ m/c์ ์ฐ๊ฒฐํ๊ธฐ ์ํด SSH ์ํธ๋ฅผ ์
๋ ฅํ ์ ์์ต๋๋ค.
์ฐธ๊ณ : --ask-pass๋ฅผ ์ฌ์ฉํ์ง ์์ผ๋ฉด ์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค.
๋์์ด ๋์ จ๋ค๋ฉด ๊ฐ์ฌํฉ๋๋ค :)
/etc/ansible/hosts๊ฐ ์๋ชป๋์์ ๊ฐ๋ฅ์ฑ์ด ํฝ๋๋ค.
๋๋ ๊ฐ๋ฅ์ ์ต์ํ์ง ์์ต๋๋ค. ์๋ฌด๋ ๋๋ฅผ ๋์ธ ์ ์์ต๋๊น?
34.201.109.32 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: [email protected] : ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
ํธ์คํธ ํ์ผ์ ๋์ ๋จธ์ ์ ๋น๋ฐ๋ฒํธ๋ฅผ ํฌํจ์ํค์ญ์์ค.
์ผ๋ฐ์ ์ผ๋ก ๊ธฐ์กด ssh ์ฐ๊ฒฐ์ด ์์ด์ผ ํฉ๋๋ค.
ํธ์คํธ ๋ฐ ๋ก์ปฌ ์์คํ
์ ๋ํ RSA ํค๋ฅผ ์์ฑํฉ๋๋ค. ssh๋ฅผ ์๋ํ์ญ์์ค
๊ทธ๋ฐ ๋ค์ ํธ์คํธ๋ฅผ ๋ค์ ์คํํ ์ ์์ต๋๋ค.
2019๋
1์ 20์ผ ์ผ์์ผ ์ค์ 11:22 Venkata Bhanusree Vadlamudi <
[email protected]>์ ๋ค์๊ณผ ๊ฐ์ด ์ผ์ต๋๋ค.
๋๋ ๊ฐ๋ฅ์ ์ต์ํ์ง ์์ต๋๋ค. ์๋ฌด๋ ๋๋ฅผ ๋์ธ ์ ์์ต๋๊น?
34.201.109.32 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํ ํธ์คํธ ์ฐ๊ฒฐ ์คํจ: [email protected] :
๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}โ
๋น์ ์ด ๋๊ธ์ ๋ฌ์๊ธฐ ๋๋ฌธ์ ์ด๊ฒ์ ๋ฐ๋ ๊ฒ์ ๋๋ค.
์ด ์ด๋ฉ์ผ์ ์ง์ ๋ต์ฅํ๊ณ GitHub์์ ํ์ธํ์ธ์.
https://github.com/ansible/ansible/issues/19584#issuecomment-455880089 ,
๋๋ ์ค๋ ๋ ์์๊ฑฐ
https://github.com/notifications/unsubscribe-auth/An-8H0nPfSdUELQxzoQAvvHHlsau7uyBks5vFJfOgaJpZM4LSWpz
.
๋ก์ปฌ ํฐ๋ฏธ๋์์ ssh ๋ช ๋ น์ ์ฌ์ฉํ๋ฉด ec2 ์ธ์คํด์ค์ ์ฐ๊ฒฐํ ์ ์์ต๋๋ค. ๊ทธ๋ฌ๋ ๊ฐ๋ฅํ ์คํฌ๋ฆฝํธ๋ฅผ ์คํํ๋ฉด ์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค.
34.201.109.32 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํด ํธ์คํธ์ ์ฐ๊ฒฐํ์ง ๋ชปํ์ต๋๋ค: [email protected] : ๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}
AWS ec2 ์ธ์คํด์ค๋ฅผ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ AWS๋ฅผ ํตํด ๊ณต๊ฐ ํค๋ฅผ ์์ฑํด์ผ ํฉ๋๋ค.
๊ทธ๊ฒ์ ๋ค์ด๋ก๋ํ๊ณ ssh ์ธ์
์ด ํด๋น ํค๋ฅผ ๊ฐ๋ฆฌํค๋๋ก ํฉ๋๋ค. ์ ๋ํ ํํ ๋ฆฌ์ผ์ด ์์ต๋๋ค.
์ด ์ ์ฐจ๋ฅผ ์จ๋ผ์ธ์ผ๋ก.
2019๋
1์ 20์ผ ์ผ์์ผ ์คํ 4:48 Venkata Bhanusree Vadlamudi <
[email protected]>์ ๋ค์๊ณผ ๊ฐ์ด ์ผ์ต๋๋ค.
๋ก์ปฌ ํฐ๋ฏธ๋์์ ssh ๋ช ๋ น์ ์ฌ์ฉํ ๋ ์ฐ๊ฒฐํ ์ ์์ต๋๋ค.
ec2 ์ธ์คํด์ค์. ๊ทธ๋ฌ๋ ๊ฐ๋ฅํ ์คํฌ๋ฆฝํธ๋ฅผ ์คํํ๋ฉด ์ค๋ฅ๊ฐ ๋ฐ์ํฉ๋๋ค.34.201.109.32 | ๋๋ฌํ ์ ์์ต๋๋ค! => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"msg": "ssh๋ฅผ ํตํ ํธ์คํธ ์ฐ๊ฒฐ ์คํจ: [email protected] :
๊ถํ์ด ๊ฑฐ๋ถ๋์์ต๋๋ค(๊ณต๊ฐ ํค).\r\n",
"์ฐ๊ฒฐํ ์ ์์": ์ฌ์ค
}โ
๋น์ ์ด ๋๊ธ์ ๋ฌ์๊ธฐ ๋๋ฌธ์ ์ด๊ฒ์ ๋ฐ๋ ๊ฒ์ ๋๋ค.
์ด ์ด๋ฉ์ผ์ ์ง์ ๋ต์ฅํ๊ณ GitHub์์ ํ์ธํ์ธ์.
https://github.com/ansible/ansible/issues/19584#issuecomment-455905472 ,
๋๋ ์ค๋ ๋ ์์๊ฑฐ
https://github.com/notifications/unsubscribe-auth/An-8Hya_SkLrHT-HLYEOPEE2QXsSuDOJks5vFOQOgaJpZM4LSWpz
.
์๋ ํ์ธ์ ์ฌ๋ฌ๋ถ,
๋๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์๋ค.
๋ด devops ์ฌ์ฉ์๋ ๋ชจ๋ ์๋ฒ์ sshํ ์ ์์ง๋ง mysuer๋ฅผ ์ฌ์ฉํ์ฌ ๊ฐ๋ฅํ ๋ช ๋ น์ ์คํํ๋ ค๊ณ ํ ๋ ํญ์ ์ค๋ฅ๊ฐ ๋ฐ์ํ์ต๋๋ค... UNREACHABLE! ...
"mysuer" ssh serverDestiny(์ธ๋ฒคํ ๋ฆฌ ํ์ผ์ ์๋ ์๋ฒ)๋ฅผ ์ฌ์ฉํ์ฌ fqdn์ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ FQDN์ ssh๋ฅผ ๋ง๋ค์ด์ผ ํจ์ ์ฐธ๊ณ ํ์ฌ ํด๊ฒฐํ์ต๋๋ค.
์์:
๊ณ ์์ด ์ธ๋ฒคํ ๋ฆฌ
์๋ฒ1[ myuser@workstation ansible-deploy-cr] ssh-keygen
[ myuser@workstation ansible-deploy-cr] ssh-copy-id -i devops@server1
ํ ์คํธ..
[ myuser@workstation ansible-deploy-cr ] ssh ' devops@server1์ด๊ฒ์ด ๋์์ด ๋๊ธฐ๋ฅผ ๋ฐ๋๋๋ค.
๊ทธ๋ ๋ค๋ฉด ์ข์์ ๐
๊ฐ์ฌ ํด์,
์ ๋ธ๋ฆฌํ
์ด๊ฒ์ ํ๋ผ์ด๋น VPC์ AWS์์ ๋ด ๋ฌธ์ ๋ฅผ ํด๊ฒฐํ์ต๋๋ค. ๋ชจ๋ ์๋ฒ์ ๋ํด ๋ด๋ถ fqdn์ด ํ์ํฉ๋๋ค.
์๋ค ์,
๋๋ localhost์ ๋ํด ๊ฐ์ ๋ฌธ์ ์ ์ง๋ฉดํ๊ณ '$ ssh localhost'๊ฐ ์ํธ๋ฅผ ์๊ตฌํ๋ค๋ ๊ฒ์ ๊นจ๋ฌ์์ต๋๋ค. localhost์ 'user' ๊ณต๊ฐํค๋ฅผ authorized_key๋ก ์ฎ๊ฒจ์ ํด๊ฒฐํ์ต๋๋ค.
ssh-copy-id -i ~/.ssh/id_rsa.pub test@localhost
authorized_key ํ์ผ์ ํ์ํ ํค๊ฐ ์๋์ง ํ์ธํ์ญ์์ค.
ํ ์คํธ๋ ์ฌ์ฉ์ ์ด๋ฆ์ ๋๋ค
์.....๋๊ธ ์ ์ฝ์์ต๋๋ค. ๋ฌธ์ ๊ฐ ์ฌ์ ํ ์กด์ฌํ๋ค๋ ๊ฒ์ ๋ฏฟ์ ์ ์์ต๋๋ค. ๋๋ ์ต์ ๊ฐ๋ฅํฉ๋๋ค. ์ด๊ฒ์ด ์คํ ์์ค ์ฌ์ฉ์ ๊ณ ํต ์ค ํ๋๋ผ๊ณ ์๊ฐํฉ๋๋ค.
vagrant<strong i="6">@mgmt</strong>:~$ ansible lb -u vagrant -m ping -vvv
ansible 2.7.8
config file = /home/vagrant/ansible.cfg
configured module search path = [u'/home/vagrant/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.12 (default, Nov 12 2018, 14:36:49) [GCC 5.4.0 20160609]
Using /home/vagrant/ansible.cfg as config file
[DEPRECATION WARNING]: [defaults]hostfile option, The key is misleading as it can also be a list of hosts, a directory or a list of paths , use [defaults] inventory=/path/to/file|dir
instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
/home/vagrant/inventory.ini did not meet host_list requirements, check plugin documentation if this is unexpected
/home/vagrant/inventory.ini did not meet script requirements, check plugin documentation if this is unexpected
/home/vagrant/inventory.ini did not meet yaml requirements, check plugin documentation if this is unexpected
Parsed /home/vagrant/inventory.ini inventory source with ini plugin
[WARNING]: Found both group and host with same name: lb
META: ran handlers
<lb> ESTABLISH SSH CONNECTION FOR USER: vagrant
<lb> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/2302ac11ec lb '/bin/sh -c '"'"'echo ~vagrant && sleep 0'"'"''
<lb> (255, '', 'Permission denied (publickey).\r\n')
lb | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey).",
"unreachable": true
}
์ข์, ์ฌ๊ธฐ ๋๋ฅผ ์ํด ์ผํ ๊ฒ์ด ์์ต๋๋ค -
์๊ฒฉ ์ปดํจํฐ lb ์ ๋ก๊ทธ์ธํ์ต๋๋ค. ~/.ssh/authorised_keys๋ฅผ ํธ์งํ๊ณ ๊ฐ๋ฅํ ๋ง์คํฐ์ id_rsa.pub ํค๋ฅผ ์ถ๊ฐํ์ต๋๋ค. ์ ์ฅํ๊ณ ์ข
๋ฃํ์ต๋๋ค. lb์์ sshd๋ฅผ ๋ฐ์กํ์ต๋๋ค.
์ด๊ฒ์ ์๋ฒฝํ ๋ฐฉ๋ฒ์ ์๋์ง๋ง ์ด๊ธฐ ํ ์คํธ๋ฅผ ์งํํ๊ฒ ํฉ๋๋ค.
ํธ์ง 1 - ๋ํ ์๊ฒฉ ์์คํ (ansible์ ์ํด ๊ด๋ฆฌ๋ ํด๋ผ์ด์ธํธ)์ python์ด ์ค์น๋์ด ์์ด์ผ ํฉ๋๋ค.
์ถ์ - ssh-copy-id -i ๋ฐฉ๋ฒ์กฐ์ฐจ๋ ๋์ผํ ๊ถํ ๊ฑฐ๋ถ ์ค๋ฅ๋ก ์คํจํ์ต๋๋ค (๊ณต๊ฐ ํค)
vagrant @mgmt : ~$ ansible lb -m ping -vvv
๊ฐ๋ฅํ 2.7.8
์ค์ ํ์ผ = /home/vagrant/ansible.cfg
๊ตฌ์ฑ๋ ๋ชจ๋ ๊ฒ์ ๊ฒฝ๋ก = [u'/home/vagrant/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
์ค์๋ธ ํ์ด์ฌ ๋ชจ๋ ์์น = /usr/lib/python2.7/dist-packages/ansible
์คํ ์์น = /usr/bin/ansible
ํ์ด์ฌ ๋ฒ์ = 2.7.12(๊ธฐ๋ณธ๊ฐ, 2018๋ 11์ 12์ผ, 14:36:49) [GCC 5.4.0 20160609]
/home/vagrant/ansible.cfg๋ฅผ ์ค์ ํ์ผ๋ก ์ฌ์ฉํ๊ธฐ
[์ฌ์ฉ ์ค๋จ ๊ฒฝ๊ณ ]: [๊ธฐ๋ณธ๊ฐ]hostfile ์ต์ , ํค๋ ํธ์คํธ ๋ชฉ๋ก, ๋๋ ํ ๋ฆฌ ๋๋ ๊ฒฝ๋ก ๋ชฉ๋ก์ผ ์๋ ์์ผ๋ฏ๋ก ์คํด์ ์์ง๊ฐ ์์ต๋๋ค. [defaults] inventory=/path/to/file|dir ์ฌ์ฉ
๋์ ์. ์ด ๊ธฐ๋ฅ์ ๋ฒ์ 2.8์์ ์ ๊ฑฐ๋ฉ๋๋ค. ์ฌ์ฉ ์ค๋จ ๊ฒฝ๊ณ ๋ ansible.cfg์์ deprecation_warnings=False๋ฅผ ์ค์ ํ์ฌ ๋นํ์ฑํํ ์ ์์ต๋๋ค.
/home/vagrant/inventory.ini๊ฐ host_list ์๊ตฌ ์ฌํญ์ ์ถฉ์กฑํ์ง ์์์ต๋๋ค. ์์์น ๋ชปํ ๊ฒฝ์ฐ ํ๋ฌ๊ทธ์ธ ์ค๋ช ์๋ฅผ ํ์ธํ์ธ์.
/home/vagrant/inventory.ini๊ฐ ์คํฌ๋ฆฝํธ ์๊ตฌ ์ฌํญ์ ์ถฉ์กฑํ์ง ์์์ต๋๋ค. ์์์น ๋ชปํ ๊ฒฝ์ฐ ํ๋ฌ๊ทธ์ธ ์ค๋ช ์๋ฅผ ํ์ธํ์ญ์์ค.
/home/vagrant/inventory.ini๊ฐ yaml ์๊ตฌ ์ฌํญ์ ์ถฉ์กฑํ์ง ๋ชปํ์ต๋๋ค. ์์์น ๋ชปํ ๊ฒฝ์ฐ ํ๋ฌ๊ทธ์ธ ์ค๋ช ์๋ฅผ ํ์ธํ์ธ์.
ini ํ๋ฌ๊ทธ์ธ์ ์ฌ์ฉํ์ฌ /home/vagrant/inventory.ini ์ธ๋ฒคํ ๋ฆฌ ์์ค๋ฅผ ๊ตฌ๋ฌธ ๋ถ์ํ์ต๋๋ค.
[๊ฒฝ๊ณ ]: ๊ฐ์ ์ด๋ฆ์ ๊ทธ๋ฃน๊ณผ ํธ์คํธ๋ฅผ ๋ชจ๋ ์ฐพ์์ต๋๋ค. lbMETA: ํธ๋ค๋ฌ๋ฅผ ์คํํ์ต๋๋ค.
์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : ์์
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'์์ฝ ~ && ์ ์ 0'"'"''
(0, '/์ง/๋ฐฉ๋์\n', '')
์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : ์์
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'( umask 77 && mkdir -p "
echo /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286
" && echo ansible-tmp-1552670816.4-4250286231 ="echo /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286
" ) && ์ ์ 0'"'"''(0, 'ansible-tmp-1552670816.4-42574892310286=/home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286\n', '')
๋ชจ๋ ํ์ผ ์ฌ์ฉ /usr/lib/python2.7/dist-packages/ansible/modules/system/ping.pyPUT /home/vagrant/.ansible/tmp/ansible-local-2173_L8KXK/tmpXoK8R8 TO /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/AnsiballZ_ping.py
SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout= 10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 '[lb]'
(0, 'sftp> put /home/vagrant/.ansible/tmp/ansible-local-2173_L8KXK/tmpXoK8R8 /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/'ping ')
์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : ์์
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'chmod u+x /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286//home /vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/AnsiballZ_ping.py && ์ ์ 0'"'"''
(0, '', '')
์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : ์์
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 -tt lb '/bin/sh -c '"'"'/usr/bin/python /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4- 42574892310286/AnsiballZ_ping.py && ์ ์ 0'"'"''
(0, '\r\n{"invocation": {"module_args": {"data": "pong"}}, "ping": "pong"}\r\n', 'lb์ ๋ํ ๊ณต์ ์ฐ๊ฒฐ์ด ๋ซํ์ต๋๋ค. \r\n')
์ฌ์ฉ์๋ฅผ ์ํ SSH ์ฐ๊ฒฐ ์ค์ : ์์
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/vagrant/.ansible/cp/e51df67eb4 lb '/bin/sh -c '"'"'rm -f -r /home/vagrant/.ansible/tmp/ansible-tmp-1552670816.4-42574892310286/ > /dev/null 2>&1 && ์ ์ 0'"'"''
(0, '', '')
ํ์ด๋ | ์ฑ๊ณต => {
"๋ณ๊ฒฝ๋": ๊ฑฐ์ง,
"ํธ์ถ": {
"module_args": {
"๋ฐ์ดํฐ": "ํ"
}
},
"ํ๊ตฌ"
}
๊ฐ์ฅ ์ ์ฉํ ๋๊ธ
์ข์,
๋ช ๋ น์
all
๋ฅผ ์ง์ ํ๋ฉด ๋๋ฒ๊ทธํ๊ธฐ๊ฐ ์ฝ๊ฐ ์ด๋ ต์ต๋๋ค.hosts
ํ์ผ์ ๋ชจ๋ ํ์ ์ฃผ์์ ์ถ๊ฐํ์ญ์์ค.๋ค์์ ์คํํ์ญ์์ค.
๊ทธ๋ฆฌ๊ณ ์ถ๋ ฅ์ ๋ณด์ฌ์ฃผ์ธ์.
๋ฌธ์ ์ธ์ฌ